Fortify YOUR Defense with CyberSponse Adaptive Security

What is Security Orchestration Automation & Response? Why do I care or need it?

What are the key things Security Teams should look to automate? Email Phishing Endpoint Infections Hunt, Block & Tackle Incident Response Multiple Logins Attempts SIEM Rules Auth Events Alert Mission: Block Malicious Intent or Close as False Positive Source Target Response Who is? Asset? Block IP Geolocation? Owner? Disable Account Reputation? Cause? Patch Vulnerability Threat Intel? Who else? Audience questions: 1. How many Alerts What are the key elements needed to be ready for SOAR?  TTR Status Next 12 Mins? False Positive? 100+ alerts in queue 3+ Security Tools 3+ Security Staff

Challenges that SOAR Solves in Current Environment Alert Fatigue Slow Response Times Lack of Collaboration Challenges Alerts Overload Lenient Rules > False Positives > Alert Fatigue Strict Rules > True Negatives > Weak Security Multiple, Disintegrated Tools Fact: You would easily have 18 to 25 products to deal with Question: How many SIEM or Firewalls can you learn? Manual and Inconsistent responses causing weak security posture Solution: SOAR augments human analyst Single Pane of Glass to manage all activities of SOC Measure and Boost SOC Efficiency Deliver consistent investigation and response Leverage automation without programing skills Salient Features and Use Cases Integrated with SIEM to receive, respond and close the alert Automated Triaging, Enrichment, Investigation and Remediation Investigations for Phishing, C&C, Data Exfiltration etc. Automated Remediation with human approval Integrations with 250+ products, 3000+ actions

SOAR’s Integrate your SOC with diverse tools Investigate Remediate Enrich Ingest Triage Contain 250+ Connectors, 3000+ Actions

Enterprise Case Management Orchestration and Automation Why you want an Incident Response and Automation Platform Enterprise Case Management Orchestration and Automation Incident Response Platform Highly Configurable Role based Access Multi-Tenant Case Management Orchestration & Automation Playbooks Connectors/Integrations SOAR Platform Case Management Automated Playbooks Multi Tenant Highly configurable platform Contextual Data Visualization Build your own Modules Visual Playbook Designer, Out of Box Connectors, Real Life Use Case’s Reference Content Distributed/Federated Architecture Control Access to Data and Playbooks

SOAR’s Automate Information Flow & Incident Response Action Block URL, IP, Domain, File hash Disable User Account Reset Password Orient Gauge the Impact Integrations eMails Lorem Ipsum Lorem ipsum dolor sit amet, consectetur adipiscing elit SIEM Alerts Observe Enriched contextual data from Threat Intel, Asset Management, User Directory, Historical Data Decide Manual Decisions, Tasks, Approvals Other Alerts (EDR, IDS etc) Actionable Data SOAR Alert Record Response Playbooks

How to Obtain a Security Operations ROI with SOAR FASTER RESPONSE Time Per to Complete Weekly Incidents Time Spent Time Cost Savings Annually Savings (Hours) Savings (%) ($150/h)   45 50 390 0% $0.00 Manual minutes Incidents hours 22 75 190 200 75% $180,000 Semi-Automated 1.4 100 12 378 98% $472,800 Automated Minutes INCREASE MORALE Cost Savings MANAGE ALERTS Threat Window

Explore CyOPsTM Community Edition Reach us at Sales@CyberSponse.com Manage: Alerts, Incidents, Indicators, Tasks across Tenants Measure: MTTD, MTTR, ROI, Reports, Dashboards Respond: Automate, Visual Playbook Designer, Out of Box Connectors Solutions: SOC Automation, Vulnerability Management and BYOS